标签:min lis ble 服务器 内容 efault 请求 ref 主机
一、DNS服务存放域名对应IP的记录。将域名转换为IP、将IP转换为域名
IP:标识一台网络设备,通过IP可访问指定网络设备
域名:需注册、如:baidu.com
(1)正向解析:将域名转换为IP地址;如www.baidu.com --> 202.103.250.23
(2)反向解析:将IP转换为域名;如202.103.250.23 --> www.baidu.com
(1)递归查询:发送的内容必须给出结果;客户机和首选DNS之间
(2)迭代查询:发送的内容不需给出回应;DNS服务器和DNS服务器之间
(1)客户端访问www.baidu.com
(2)客户端检查本地是否存在缓存,如果有直接解析并访问
(3)客户端检查hosts文件是否存在对应关系,如果有直接解析并访问
Windows:C:\Windows\System32\drivers\etc\hosts
Linux:/etc/hosts
(4)客户端向首选DNS发送递归查询,服务器收到后检查是否有解析记录,如果有直接将结返回给客户端实现访问(5)首选DNS使用迭代查询方式发送请求给其他DNS服务器,DNS服务器之间依层级寻找,直到根服务器位置,若有找到将结果返回给客户端实现访问
(6)跟服务器收到请求后,将请求转发到对应一级DNS服务器
(7)一级DNS服务器收到请求后,将请求转发到对应二级DNS服务器
(8)二级DNS服务器收到请求后,查找对应域名是否有对应IP,如有对应IP地址
(9)DNS服务器将对应IP告知首选DNS服务器
(10)由首先DNS服务器将IP及对应域名缓存,并将IP告知客户端
(11)如果都未找到解析,则首选DNS返回不可解析消息给客户端实现整个查询结束
(1)缓存DNS:主要用于内网,用于加速内网访问公网域名,可缓存公网域名对应IP。缓存后的记录,当客户端下次使用时,不需寻找DNS,只需寻找缓存
(2)主DNS:提供DNS(域名解析)服务
(3)从DNS:作为主DNS服务器的备用,所有解析记录从主DNS同步,当主DNS失效时,由从DNS继续提供服务
两块网卡,第一块网卡为桥接,第二块vmnet1
(1)cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1
(2)vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=dhcp
(3)vim /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.254
NETMASK=255.255.255.0
(4)/etc/init.d/network restart(1)vim /etc/sysctl.conf
7 net.ipv4.ip_forward = 1
(2)sysctl -piptables -t nat -I POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source 192.168.20.186(换为桥接获取的IP)
//允许192.168.1.0上网yum -y install bind bind-utilsvim /etc/named.conf
options {
listen-on port 53 { 192.168.1.254; }; //设置监听IP地址;需修改
directory "/var/named"; //区域配置文件存放目录
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt";
allow-query {localhost;}; //删除该行
recursion yes;
forwarders {114.114.114.114;8.8.8.8;}; //转发器设置,将所有DNS查询请求转发
dnssec-enable no; //bind安全检测机制;需修改
dnssec-validation no; //bind安全检测机制;需修改
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "." IN { //指定解析域
type hint; //指定DNS类型,为缓存服务器
file "named.ca"; //根解析文件
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";/etc/init.d/named start && chkconfig --level 35 named on一块网卡vmnet1、网关192.168.1.254、首选DNS 192.168.1.254
cmd --> nslookup www.baidu.comDNS记录种类
SOA记录:起始授权记录,代表所需解析域
NS记录:标识DNS服务器名称
A记录:通过域名解析IP
CNAME记录:别名
MX记录:邮件记录,可自动搜索邮件服务器
AAAA记录:通过域名解析IPV6地址一块网卡为vmnet1
(1)vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.10
NETMASK=255.255.255.0
DNS1=192.168.1.10
DNS2=192.168.1.20(2)/etc/init.d/network restart(3)vim /etc/sysconfig/network
HOSTNAME=ns1.xueluo.orgyum -y install bind bind-utils(1)vim /etc/named.conf
options {
listen-on port 53 { 192.168.1.10; }; //设置监听IP地址;需修改
directory "/var/named"; //区域配置文件存放目录
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt"; allow-query {localhost;}; //删除该行
recursion yes;
dnssec-enable no; //bind安全检测机制;需修改
dnssec-validation no; //bind安全检测机制;需修改
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "xueluo.org" IN { //指定正向解析域为xueluo.org
type master; //指定DNS类型,为主DNS服务器
file "xueluo.org.zone"; //正向解析文件
allow-transfer {192.168.1.20;}; //允许同步服务器IP
};
zone "1.168.192.in-addr.arpa" IN { //指定反向解析区域
type master; //指定DNS类型,为主DNS服务器
file "192.168.1.arpa"; //反向解析文件
allow-transfer {192.168.1.20;}; //允许同步服务器IP
};
include "/etc/named.rfc1912.zones";
incude "/etc/named.root.key";(2)cp /var/named/named.empty /var/named/xueluo.org.zone //拷贝DNS模版文件并重命名(3)cp /var/named/named.empty /var/named/192.168.1.arpa(4)vim /var/named/xueluo.org.zone
$TTL 86400(TTL值,生命周期)
@ IN SOA xueluo.org.(需要解析的域名) admin.xueluo.org.(管理员邮箱) (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS ns1.xueluo.org. //NS记录(起始授权记录);输入主DNS和从DNS服务器的主机名
IN NS ns2.xueluo.org.
ns1 IN A 192.168.1.10 //DNS服务器对应的IP地址
ns2 IN A 192.168.1.20
www IN A 192.168.1.100 //www.xueluo.org对应的IP
ftp IN CNAME www(5)vim /var/named/192.168.1.arpa
$TTL 86400(TTL值,生命周期)
@ IN SOA xueluo.org.(需要解析的域名) admin.xueluo.org.(管理员邮箱) (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
IN NS ns1.xueluo.org. //NS记录(起始授权记录);输入主DNS和从DNS服务器的主机名
IN NS ns2.xueluo.org.
10 IN PTR ns1.xueluo.org.
20 IN PTR ns2.xueluo.org.
100 IN PTR www.xueluo.org.
ftp IN CNAME www(6)chown named:named /var/named/192.168.1.arpa /var/named/xueluo.org.zone(7)/etc/init.d/named start && chkconfig --level 35 named on一块网卡为vmnet1
(1)vim /etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=eth0
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
BOOTPROTO=static
IPADDR=192.168.1.20
NETMASK=255.255.255.0
DNS1=192.168.1.20
DNS2=192.168.1.10(2)/etc/init.d/network restart(3)vim /etc/sysconfig/network
HOSTNAME=ns2.xueluo.orgyum -y install bind bind-utils(1)scp root@192.168.1.10:/etc/named.conf /etc/(2)vim /etc/named.conf
options {
listen-on port 53 { 192.168.1.20; }; //设置监听IP地址;需修改
directory "/var/named";
dump-file "/var/named/data/cache_dump.db";
statistics-file "/var/named/data/named_stats.txt";
memstatistics-file "/var/named/data/named_mem_stats.txt"; recursion yes;
dnssec-enable no;
dnssec-validation no;
dnssec-lookaside auto;
/* Path to ISC DLV key */
bindkeys-file "/etc/named.iscdlv.key";
managed-keys-directory "/var/named/dynamic";
};
logging {
channel default_debug {
file "data/named.run";
severity dynamic;
};
};
zone "xueluo.org" IN {
type slave; //指定DNS类型,为从DNS服务器
file "slaves/xueluo.org.zone"; //指定同步后正向解析文件存储路径
masters {192.168.1.10;}; //指定主DNS对应IP
};
zone "1.168.192.in-addr.arpa" IN {
type slave; //指定DNS类型,为从DNS服务器
file "slaves/192.168.1.arpa"; //指定同步后反向解析文件存储路径
masters {192.168.1.10;}; //指定主DNS对应IP
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";(3)/etc/init.d/named start && chkconfig --level 35 named on //启动named服务并设置为开机自启(4)ls -l /var/named/slaves/ //验证是否有拷贝的文件一块网卡vmnet1、首选DNS 192.168.1.10、 备用DNS 192.168.1.20
cmd --> nslookup www.xueluo.org //nslookup(DNS解析命令)标签:min lis ble 服务器 内容 efault 请求 ref 主机
原文地址:http://blog.51cto.com/13770206/2139952
